Lucene search
TwcertCVE-2022-39021HistoryOct 31, 2022 - 7:15 a.m.
CVE-2022-39021
2022-10-3107:15:09
CWE-601
twcert
web.nvd.nist.gov
34
3
cve-2022-39021
u-office
force login
open redirect
nvd
vulnerability
security
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
AI Score
6.4
Confidence
High
EPSS
0.001
Percentile
44.6%
U-Office Force login function has an Open Redirect vulnerability. An unauthenticated remote attacker can exploit this vulnerability to redirect user to arbitrary website.
Affected configurations
Node
edetwu-office_forceRange≤20.50.7821d
| Vendor | Product | Version | CPE |
|---|---|---|---|
| edetw | u-office_force | * | cpe:2.3:a:edetw:u-office_force:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"vendor": "e-Excellence Inc.",
"product": "U-Office Force",
"versions": [
{
"version": "unspecified",
"lessThanOrEqual": "20.50.7821D Build:202104sp1",
"status": "affected",
"versionType": "custom"
}
]
}
]Social References
More
Related
cvelist
cvelist
CVE-2022-39021 e-Excellence Inc. U-Office Force - Open Redirect
2022-10-31 06:40:33
prion
prion
Open redirect
2022-10-31 07:15:00
nvd
nvd
CVE-2022-39021
2022-10-31 07:15:09
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
AI Score
6.4
Confidence
High
EPSS
0.001
Percentile
44.6%
Related for CVE-2022-39021